CVE-2024-48293

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 18, 2024
Updated: Nov 19, 2024
CWE ID 276

Summary

CVE-2024-48293 is a new vulnerability affecting QuickHeal Antivirus Pro versions 24.1.0.182 and older. This issue grants authenticated attackers with low-level privileges the ability to arbitrarily modify antivirus settings, bypassing the intended access control. This could potentially lead to the bypassing of security protections and the introduction of malware into the system. Attackers could exploit this vulnerability to disable real-time protection or adjust other antivirus settings to their advantage. Users are urged to update their QuickHeal Antivirus software to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Quick Heal Antivirus Pro

Affected Vendors

  • Quick Heal Technologies Private Limited